This nasty phishing attack allows hackers to steal your Gmail emails using a Chrome extension — how to check if you have it
Microsoft Edge and other Chromium-based browsers too!
According to a joint cybersecurity advisory from teams in Germany and South Korea, a new phishing attack threatens to steal users' Gmail emails without any chance of them realizing it happened.
Bleeping Computer first reported on the phishing threat, which serves as the delivery vehicle for a malicious Chrome extension that once active will redirect the user's Gmail emails to the hacker's servers (via TechRadar).
How to find out if you are a victim of this attack
While the attack vector is a Chrome extension, it's important to remember that Chrome isn't the only Chromium-based browser. Other popular browsers like Microsoft Edge and Brave also support Chrome extensions and would be similarly vulnerable to this attack.
The attack is utilizing Chrome extension APIs aimed at developers to bypass account security and route the emails directly to the hacker.
With that out of the way, here's how to check whether you have been impacted.
1. Open your browser
2. Enter "(chrome|edge|brave)://extensions" in your address bar.
Not every deal is worth a squeal. Get only the good stuff from us.
The deal scientists at Laptop Mag won't direct you to measly discounts. We ensure you'll only get the laptop and tech sales that are worth shouting about -- delivered directly to your inbox this holiday season.
3. Look for an extension simply named "AF" in your list of extensions.
4. If present, delete this extension and review your Gmail account to determine what valuable information could have been stolen.
The North Korean group responsible for this threat is known as Kimsuky and it's just the latest in a long line of attacks perpetrated by them. Typically they focus their efforts on high-value targets such as those in politics, professors, journalists, and diplomats, so if you fall into any of those categories you need to be particularly wary.
The best way to stay safe is to never install Chrome extensions, or any software for that matter, from an unknown source.
Sean Riley has been covering tech professionally for over a decade now. Most of that time was as a freelancer covering varied topics including phones, wearables, tablets, smart home devices, laptops, AR, VR, mobile payments, fintech, and more. Sean is the resident mobile expert at Laptop Mag, specializing in phones and wearables, you'll find plenty of news, reviews, how-to, and opinion pieces on these subjects from him here. But Laptop Mag has also proven a perfect fit for that broad range of interests with reviews and news on the latest laptops, VR games, and computer accessories along with coverage on everything from NFTs to cybersecurity and more.